Security Systems And Security Research Paper

Auditing, Monitoring, Intrusion Prevention, Detection, and Penetration Testing

A network vulnerability is a major security weakness that allows an attacker to reduce a computer system's information assurance. A vulnerability is the intersection of three elements: a system flaw, an attacker's access to the flaw, and the ability to exploit the flaw. Thus, a security risk is classified as a vulnerability that is tied to a significant loss. A vulnerability can erode data confidentiality, system integrity and the availability of data.

The objective of this study is to analyze two research articles that discuss network vulnerabilities in the IT environment (Jackson, et al. 2008; Sommer, et al. 2003). Both articles hold that attackers exploit network vulnerabilities to inflict damage on information systems. Moreover, the two articles agree that traditional security measures such as the network IDS (intrusion detection system) (Sommer, et al. 2003) and DNS pinning (Jackson, et al. 2008) are no longer effective in guarding against network vulnerabilities, and they recommend effective security strategies to protect information systems.

Summary of Article 1

This study provides a critique of the article titled "Protecting Browsers from DNS Rebinding Attacks" (Jackson, Barth, Bortz, Shao, et al. 2008 p 1). The authors identify DNS rebinding attacks as one of the network vulnerabilities used to subvert the "browsers and convert them into open network proxies." (Jackson, et al. 2008 p 1). In other words, the DNS rebinding attack has been identified as the core security threat against internet browsers, used to hijack IP addresses and circumvent firewalls.

Typically, hackers can use the tactic to circumvent a firewall by sending email spam as well as by defrauding PPC (pay-per-click) adverts. The authors also reveal that an attacker can hijack 100,000 IP addresses with less than $100. The article argues that DNS rebinding attacks and subversion are real in the real world and can be used to penetrate browsers, Flash, and Adobe, which can have serious security implications for Web 2.0 applications that pack more action and code onto the client. Thus, relying on a firewall alone for protection is risky, since attackers can subvert the firewall with DNS rebinding attacks. The authors also explain in depth the strategy that attackers use to manipulate multimedia plug-ins, which include Flash Player, Microsoft Silverlight and Java, bypassing the security systems of browsers such as Mozilla Firefox, Internet Explorer, Opera, and Safari.

According to the study, DNS rebinding attacks are able to confuse the browser and convert browsers into open proxies. With DNS rebinding, attackers can circumvent firewalls in order to spider corporate intranets, compromise unpatched internal machines, and exfiltrate sensitive documents. Jackson, et al. (2008) further reveal that an attacker can send spam emails to hijack IPs, frame clients, and commit click fraud. Thus, the DNS vulnerabilities allow attackers to write and read network sockets and use JavaScript-based botnets to send HTTP requests. The authors also point out that an attacker only needs to create a website to launch an attack: the strategy is to attract web traffic to the website and use DNS queries to launch malicious JavaScript that circumvents the firewall.

Jackson et al. (2008) argue that attackers can circumvent a firewall by launching a request on the website and rebinding the host name to the target server, which is inaccessible to the public internet. The strategy confuses the browser and makes it think that the two servers are from the same source because they share the same host name. Once DNS rebinding bypasses the firewall, it will take over the entire system and affect every file on the target network.
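
A defender can look for the rebinding described above in resolver logs: a public host name whose answer flips from an external address to an internal one for the same client. The following is an added example, not code from Jackson et al. or from this essay; the log format, host names, addresses, the 60-second window and the `corp.example` local zone are all constructed assumptions.

```python
import ipaddress

# Assumption: "internal" means RFC 1918, loopback and link-local IPv4 space.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample resolver log: (epoch seconds, client, queried name, answer)
SAMPLE_LOG = [
    (1000, "10.0.0.5", "www.attacker.example", "203.0.113.10"),
    (1003, "10.0.0.5", "www.attacker.example", "192.168.1.20"),
    (1000, "10.0.0.7", "cdn.vendor.example", "198.51.100.4"),
    (1200, "10.0.0.7", "cdn.vendor.example", "198.51.100.9"),
    (1000, "10.0.0.8", "intranet.corp.example", "10.1.2.3"),
    (1000, "10.0.0.9", "old.partner.example", "203.0.113.77"),
    (9000, "10.0.0.9", "old.partner.example", "172.16.4.4"),
]


def is_internal(answer):
    """True when the answer falls inside one of the internal networks."""
    addr = ipaddress.ip_address(answer)
    return any(addr in net for net in INTERNAL_NETS)


def find_rebinding(log, window=60, local_suffixes=(".corp.example",)):
    """Map each rebound name to (client, internal answer, seconds since external answer)."""
    last_external = {}  # (client, name) -> time of latest external answer
    flagged = {}
    for ts, client, name, answer in sorted(log):
        name = name.lower().rstrip(".")
        if name.endswith(local_suffixes):
            continue  # our own zone may legitimately point inside
        key = (client, name)
        if not is_internal(answer):
            last_external[key] = ts
        elif key in last_external and ts - last_external[key] <= window:
            flagged[name] = (client, answer, ts - last_external[key])
    return flagged


if __name__ == "__main__":
    for name, (client, answer, gap) in find_rebinding(SAMPLE_LOG).items():
        print(f"{name}: {client} got internal answer {answer} {gap}s after an external one")
```

Widening `window` trades fewer misses for more alerts on names that legitimately move between public and internal hosting.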

The authors also discuss the strategy that attackers can employ to hijack IP addresses. The method is to use the DNS attack against machines to make them inaccessible to legitimate users. Moreover, the attacker can explicitly and implicitly abuse public services to masquerade as...

While the authors mention DNS pinning as one of the security strategies against DNS rebinding, DNS pinning is no longer effective because current browsers integrate plug-ins in order to add functionality to web pages. The authors suggest that users should secure their firewall by blocking certain ports, including port 53, to prevent outbound traffic on the port. Moreover, the authors suggest that users should constantly update their firewall patches to help block unauthorized traffic. Essentially, keeping the firewall updated is critical in helping users stay ahead of the attack. The authors also recommend that users combine a hardware firewall and a software firewall to achieve maximum protection against the DNS rebinding attack. The authors recommend that users constantly update their Java applets and Flash players, since developers update their plug-ins as new vulnerabilities are identified. The authors also suggest that users protect their browsers against the DNS rebinding attack by changing the browser's default settings to more tailored settings. Critically, the default settings can open users to attacks, and once the browser's default settings are modified, an attacker will face challenges in launching attacks on plug-ins and browsers.

Analysis

An overview of the article reveals that the authors provide a greater understanding of DNS rebinding attacks, and the research elucidates issues relating to plug-in vulnerabilities and solutions to the problems. The strength of the research is that the authors divide the vulnerabilities into groups and subgroups to make the problems easy to grasp. Moreover, the authors avoid technical and complex language so that a wider audience can understand the article. The study also provides detailed information on the strategy that attackers employ in exploiting vulnerabilities. For example, an attacker only needs to create a website such as www.attacker.com and use the strategy to launch a DNS rebinding attack: the attacker only needs to attract web traffic to the domain through an advert, draw the visiting clients to his server and then serve malicious JavaScript to the visitors. Through the information provided, users will be able to develop an effective strategy to identify vulnerabilities and protect their IT and computer infrastructures. Despite the strategy the authors employ in elaborating the security systems against the vulnerabilities, the authors fail to address the impact of malware in aggravating vulnerabilities in the contemporary business environment. Recent trends in network vulnerabilities show that malware has become a sophisticated type of threat to network and computer systems, and it can cause enormous damage to computer systems before the user is aware of the damage.

Contributions and Strengths

The major strength of this article is that it helps educate users on how easy it is to launch attacks on network systems. Through this information, users can develop an effective strategy to protect their systems. For example, the authors explain that an attacker only needs to spend $100 on an advert to hijack 100,000 IP addresses; at that cost, an advert of $1,000 will cause enormous damage. Thus, the information in the article will help users draw up a plan to overcome DNS rebinding attacks. The simple and non-technical language used by the authors in solving the problems will help users overcome the DNS rebinding vulnerabilities.

Moreover, the authors improve users' understanding of keeping the system up to date. For example, the authors explain that keeping JavaScript and Flash Player up to date is an effective tool to guard against the DNS rebinding vulnerability. The information is useful because many users do not understand the security benefits of keeping the system updated; it will help users understand that keeping the system up to date is an effective security strategy against the vulnerabilities.

Weaknesses and Limitations

The authors make users understand that DNS rebinding is an effective way for attackers to bypass the firewall and cause IP hijacking, and that updating the system is an effective method to guard against the vulnerabilities. However, the security strategies suggested by the authors are not adequate: updating the system after the attack may not prevent the vulnerabilities, because users may not know that the attack has been launched, which may put the system at risk. The authors also suggest using the firewall to block…

References

Debar, H. & Morin, B. (2002). Evaluation of the Diagnostic Capabilities of Commercial Intrusion Detection Systems. RAID'02 Proceedings of the 5th International Conference on Recent Advances in Intrusion Detection: 177-198.

Jackson, C., Barth, A., Bortz, A., Shao, W., & Boneh, D. (2008). Protecting Browsers from DNS Rebinding Attacks. ACM Transactions on the Web (TWEB), 3(1).

Karlof, C., Shankar, U., Tygar, J.D., et al. (2007). Dynamic Pharming Attacks and the Locked Same-Origin Policies for Web Browsers. Proceedings of the 14th ACM Conference on Computer and Communications Security: 58-71.

Lam, V.T., Antonatos, S., Akritidis, P., et al. (2007). Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure. ACM Transactions on Information and System Security, 12(2).